Maintaining control while delegating trust: Integrity constraints in trust management

Sandro Etalle, William H. Winsborough

    Research output: Contribution to journalArticleAcademicpeer-review

    2 Citations (Scopus)
    1 Downloads (Pure)


    We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then, we address the fact that not all participants in a trust-management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.
    Original languageUndefined
    Article number10.1145/1609956.1609961
    Pages (from-to)5:1-5:27
    JournalACM transactions on information and system security (TISSEC)
    Issue number1
    Publication statusPublished - 2009


    • EWI-17131
    • SCS-Cybersecurity
    • distributed system security
    • IR-69534
    • Integrity
    • Trust Management
    • METIS-264303
    • Access Control

    Cite this